').$not_html.html('

Hello, Bob & Jake

${not_html}

";
}
print html($html); #

Hello, Bob & Jake

(but see the L documentation for details and caveats).
See also L for L integration.
=head1 DESCRIPTION
Tired of trying to remember which strings in your program need HTML escaping?
Working on something small enough to not need a templating engine - or code
heavy enough to be better done with strings - but wanting to be careful about
user supplied data?
Yeah, me too, sometimes. So I wrote L.
The idea here is to have pervasive HTML escaping that fails closed - i.e.
escapes everything that it isn't explicitly told not to. Since in the era
of XSS (cross site scripting) attacks it's a matter of security as well as
of not serving mangled markup, I've preferred to err on the side of
inconvenience in places in order to make it as hard as possible to screw up.
We export a single subroutine, L